Swiss-based digital game maker Miniclip has reached a settlement with the U.S. Federal Trade Commission for lying about its participation in a children’s privacy self-regulatory program.

Under the Children’s Online Privacy Protection Act (COPPA), companies that collect personal information about children under age 13 must provide parents with notice of their collection practices and obtain verifiable parental consent. Companies are deemed in compliance with COPPA if they are a member and adhere to the guidelines of an FTC-approved COPPA safe harbor program, such as the Better Business Bureau’s Children’s Advertising Review Unit’s (CARU) safe harbor program.

Miniclip, which is owned by Chinese tech conglomerate Tencent, joined CARU’s safe harbor program in 2009 and remained a member until 2015, when CARU in a rare move terminated Miniclip’s participation in the program. According to the FTC, such terminations are “exceedingly rare.”

“I commend CARU for demonstrating its willingness to discipline its participants that violate its guidelines, but the specific details regarding Miniclip’s violations that led to its termination remain a secret to the public,” Commissioner Rohit Chopra said in a concurring statement. “If the FTC does not promptly learn about or investigate terminations by COPPA Safe Harbors, the agency may be unable to obtain civil penalties, due to the five-year statute of limitations.”

Chopra said, while he supports this action, he also reinforced his concerns about the COPPA safe harbor programs. “The Commission must take many steps to revamp its approach to these third-party privacy policing programs,” he said.

According to the FTC’s complaint, from 2015 through mid-2019, Miniclip falsely claimed on its website and on its Facebook games privacy policy page that it was still a member of CARU’s safe harbor program. “Consumers rely on companies to tell them the truth, especially when it comes to how they treat personal information about children,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “When companies like Miniclip promise consumers that they are an approved participant of a safe harbor program even after they’re removed, the FTC will take action.”

As part of the proposed settlement Miniclip is prohibited from misrepresenting its participation or certification in any privacy or security program sponsored by a government or any self-regulatory organization, including the CARU COPPA safe harbor program. The proposed settlement further subjects Miniclip to compliance and record-keeping requirements.

The Commission voted 5-0 to issue the proposed administrative complaint and to accept the consent agreement with Miniclip. The agreement is currently subject to public comment. Once the comment period ends, the Commission will decide whether to make the proposed consent order final.